pam_sss sends error messages as informational messages #7863

MrGizful opened this issue Mar 4, 2025 · 0 comments
MrGizful commented Mar 4, 2025

Environment:

OS: Ubuntu 24.04.2 LTS
SSSD: 2.9.4
Domains: tested on AD and FreeIPA

Hi, I'm currently working on creating a custom greeter and have encountered a problem with pam_sss. It sends error messages as informational messages (Calling pam_prompt function with PAM_TEXT_INFO type instead of PAM_ERROR_MSG). This makes it difficult to display errors properly in the greeter. Below is a section from the auth.log file:

2025-03-04T09:24:05.217439+03:00 ubuntu-lts-en login[4452]: PAM unable to dlopen(pam_lastlog.so): /usr/lib/security/pam_lastlog.so: cannot open shared object file: No such file or directory
2025-03-04T09:24:05.217487+03:00 ubuntu-lts-en login[4452]: PAM adding faulty module: pam_lastlog.so
2025-03-04T09:24:07.814285+03:00 ubuntu-lts-en login[4452]: pam_unix(login:auth): authentication failure; logname=igor uid=0 euid=0 tty=/dev/pts/2 ruser= rhost=  [email protected]
2025-03-04T09:24:07.980701+03:00 ubuntu-lts-en login[4452]: pam_sss(login:auth): authentication failure; logname=igor uid=0 euid=0 tty=/dev/pts/2 ruser= rhost= [email protected]
2025-03-04T09:24:07.980786+03:00 ubuntu-lts-en login[4452]: pam_sss(login:auth): received for user [email protected]: 12 (Authentication token is no longer valid; new one required)
2025-03-04T09:24:08.116928+03:00 ubuntu-lts-en login[4452]: pam_sss(login:account): User info message: Password expired. Change your password now.
2025-03-04T09:24:08.117140+03:00 ubuntu-lts-en login[4452]: pam_unix(login:chauthtok): user "[email protected]" does not exist in /etc/passwd
2025-03-04T09:24:19.346265+03:00 ubuntu-lts-en login[4452]: pam_unix(login:chauthtok): user "[email protected]" does not exist in /etc/passwd
2025-03-04T09:24:19.545395+03:00 ubuntu-lts-en login[4452]: pam_sss(login:chauthtok): User info message: Password change failed. Server message: Password does not contain enough character classes#012#012Password not changed.
2025-03-04T09:24:19.545532+03:00 ubuntu-lts-en login[4452]: pam_sss(login:chauthtok): Password change failed for user [email protected]: 20 (Authentication token manipulation error)
2025-03-04T09:24:19.545588+03:00 ubuntu-lts-en login[4452]: Authentication token manipulation error

So I have a couple of questions:

  1. Is this behavior correct?
  2. If it is, what was the reason behind it?
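
How the message style reaches a greeter, as an added example that is not part of the original issue or of SSSD's code: a conversation callback that routes each message by `msg_style`, fed the password-change failure text from the log above as `PAM_TEXT_INFO`. The `greeter_ui` struct and the function name are hypothetical, and the PAM constants and structs are copied from Linux-PAM's headers so the block builds without them.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Mirrors Linux-PAM's <security/_pam_types.h>; a real greeter includes <security/pam_appl.h>. */
enum { PAM_PROMPT_ECHO_OFF = 1, PAM_PROMPT_ECHO_ON, PAM_ERROR_MSG, PAM_TEXT_INFO };
enum { PAM_SUCCESS = 0, PAM_BUF_ERR = 5, PAM_CONV_ERR = 19 };
struct pam_message  { int msg_style; const char *msg; };
struct pam_response { char *resp; int resp_retcode; };
/* Hypothetical greeter state: an answer for prompts plus separate error and notice panes. */
struct greeter_ui { const char *answer; int errors, infos; char error_pane[256], info_pane[256]; };

/* Conversation callback: routes each message only by the style the module chose. */
static int greeter_conv(int n, const struct pam_message **msg,
                        struct pam_response **resp, void *appdata)
{
    struct greeter_ui *ui = appdata;
    struct pam_response *r;
    int i;
    if (n <= 0 || !msg || !resp || !ui || !ui->answer) return PAM_CONV_ERR;
    if (!(r = calloc((size_t)n, sizeof *r))) return PAM_BUF_ERR;
    for (i = 0; i < n; i++) {
        int style = msg[i]->msg_style;
        if (style == PAM_ERROR_MSG) {
            ui->errors++;
            snprintf(ui->error_pane, sizeof ui->error_pane, "%s", msg[i]->msg);
        } else if (style == PAM_TEXT_INFO) {
            ui->infos++;
            snprintf(ui->info_pane, sizeof ui->info_pane, "%s", msg[i]->msg);
        } else if (style == PAM_PROMPT_ECHO_OFF || style == PAM_PROMPT_ECHO_ON) {
            if (!(r[i].resp = malloc(strlen(ui->answer) + 1))) break;
            strcpy(r[i].resp, ui->answer);
        } else break;                       /* unknown style */
    }
    if (i == n) { *resp = r; return PAM_SUCCESS; }
    while (i-- > 0) free(r[i].resp);        /* undo partial replies */
    free(r);
    return PAM_CONV_ERR;
}
/* Replays the chauthtok failure text from the auth.log above in the style pam_sss used. */
int main(void)
{
    struct greeter_ui ui = { .answer = "" };
    const struct pam_message m = { PAM_TEXT_INFO, "Password change failed. Server message: "
        "Password does not contain enough character classes\n\nPassword not changed." };
    const struct pam_message *list[] = { &m };
    struct pam_response *resp = NULL;
    int rc = greeter_conv(1, list, &resp, &ui);
    free(resp);
    printf("rc=%d error pane=%d info pane=%d\n", rc, ui.errors, ui.infos);
    return rc;
}
```

The failure text lands in the notice pane and the error counter stays at 0, because the callback has only the style value to go on.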